diff --git a/app/controllers/question_banks_controller.rb b/app/controllers/question_banks_controller.rb index 96fcbeace..00fea5f3e 100644 --- a/app/controllers/question_banks_controller.rb +++ b/app/controllers/question_banks_controller.rb @@ -1,6 +1,7 @@ class QuestionBanksController < ApplicationController before_action :require_login, :check_auth before_action :params_filter, except: [:my_courses] + before_action :teacher_or_admin, except: [:bank_list] # 题库选用列表 # object_type: # normal 普通作业题库; group 分组作业题库; poll问卷题库; exercise试卷题库; gtask 毕设选题题库;gtopic 毕设任务 @@ -81,24 +82,29 @@ class QuestionBanksController < ApplicationController def my_courses @courses = current_user.manage_courses.where(is_delete: 0, is_end: 0) + unless params[:search].blank? + @courses = @courses.where("name like ?", "%#{params[:search].strip}%") + end end def send_to_course - bank = current_bank - course = current_user.manage_courses.find_by(id: params[:course_id]) - case @object_type - when 'HomeworkBank' # 作业 - quote_homework_bank bank, course - when 'ExerciseBank' - if bank.container_type == 'Exercise' # 试卷 - quote_exercise_bank bank, course - else # 问卷 - quote_poll_bank bank, course + banks = object_banks + course = current_user.manage_courses.find_by!(id: params[:course_id]) + banks.each do |bank| + case @object_type + when 'HomeworkBank' # 作业 + quote_homework_bank bank, course + when 'ExerciseBank' + if bank.container_type == 'Exercise' # 试卷 + quote_exercise_bank bank, course + else # 问卷 + quote_poll_bank bank, course + end + when 'GtaskBank' + quote_gtask_bank bank, course + when 'GtopicBank' + quote_gtopic_bank bank, course end - when 'GtaskBank' - quote_gtask_bank bank, course - when 'GtopicBank' - quote_gtopic_bank bank, course end normal_status("发送成功") end @@ -106,7 +112,7 @@ class QuestionBanksController < ApplicationController def destroy bank = current_bank - unless user.admin? || bank.user_id == user.id + unless current_user.admin? || bank.user_id == current_user.id render_forbidden return end @@ -121,11 +127,32 @@ class QuestionBanksController < ApplicationController render_ok end + def multi_delete + @objects = object_banks + @objects.destroy_all + normal_status("删除成功") + end + + def multi_public + @objects = object_banks + @objects.update_all(is_public: true) + normal_status("更新成功") + end + private + def object_banks + banks ||= @object_type.classify.constantize.where(@object_filter).where(id: params[:object_id]) + unless current_user.admin? + banks = banks.where(user_id: current_user.id) + end + banks + end + def current_bank @_current_bank ||= @object_type.classify.constantize.where(@object_filter).find(params[:id]) end + def params_filter type = ["normal", "group", "poll", "exercise", "gtask", "gtopic"] tip_exception("object_type类型不正确") unless type.include?(params[:object_type]) @@ -152,6 +179,10 @@ class QuestionBanksController < ApplicationController end end + def teacher_or_admin + tip_exception(403, "无权限操作") unless current_user.is_certification_teacher || current_user.admin? + end + def quote_homework_bank homework, course ActiveRecord::Base.transaction do # 复制作业的基本信息 diff --git a/config/routes.rb b/config/routes.rb index ec366edec..a0aaa65cc 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -632,6 +632,8 @@ Rails.application.routes.draw do post :save_banks get :my_courses post :send_to_course + delete :multi_delete + post :multi_public end end